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DETAILED ACTION 

1 . Claim 1-33, 35, 37, 38, 41 , and 42 are pending in this office action. 

2. Applicant's arguments, filed January 26, 2005, have been fully considered but 
they a "reTriot persuasive: - 

Rejections 

3. The text of those sections of Title 35, U.S. Code not included in this action can 
be found in a prior Office action. 

Claim Rejections - 35 USC § 103 

4. Claims 1-33, 35, 37, 38, 41, and 42 are rejected under 35 U.S.C. 103(a) as being 
unpatentable over Carter (U.S. Patent No. 5,787,175) in view of Follendore. Ill (U.S. 
Patent No. 6,011,847). 

Regarding claims 1,15, and 31 . Carter teaches a [secure content object] 
method/system for protecting an electronic document, comprising: 

• Encrypting the electronic document using a document encryption key (fig. 6, ref. 
num 112 and col. 13, lines 4-17); 
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• Generating a multi-key encryption table for use in a multi-key encryption method, 
the table comprising at least one multi-key encryption component (fig. 6, ref. 
num 114, 116, and 118 and col. 13, line 18 through col. 14, line 22); 

• Associating a user interface device with the encrypted header, the multi-key 
encryption table and the encrypted electronic document, wherein the user 

interface device comprises unencrypted information for identifying the-electronic 

document and an interactive element for enabling a user to input a user 
authorization for access to at least a portion of the encrypted electronic 
document (fig. 9, ref. num 152 and col. 16, lines 16-29); and 

• Combining the user authorization with each of the stored multi-key components 
in the multi-key encryption key table to decrypt the encrypted header (fig. 9, ref. 
num 160 and 162 and col. 16, line 60 through col. 17, line 26). 

Carter does not teach generating a plurality of dummy encryption 
components, wherein the multi-key encryption table includes no information that 
may identify a user or the electronic document, or generating an encrypted header 
comprising information pertaining to the electronic document or upon a valid decryption 
of the encrypted header, decrypting the portion of the encrypted electronic document. 

Follendore, III teaches generating an encrypted header comprising information 
pertaining to the electronic document (fig. 2, ref. num 224 and col. 1 , lines 22-25); and 
upon a valid decryption of the encrypted header, decrypting the portion of the encrypted 
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electronic document (fig. 2, ref. num 242) and generating a plurality of dummy 
encryption components, wherein the multi-key encryption table includes no 
information that may identify a user or the electronic document (col. 8, line 51 
through col. 9, line 7). 

— It-would have been-obvious to one-of ordinaiy skilMn-the-art, at-the-time the 

invention was made, to combine generating an encrypted header comprising 
information pertaining to the electronic document and upon valid decryption of the 
header, decrypting the encrypted electronic document, and generating a plurality of 
dummy encryption components, wherein the table includes no information identifying a 
user or the document, as taught by Follendore. ML with the method/system of Carter . It 
would have been obvious for such modifications because a header defines the data 
portion of the document. When the header is decrypted, a decryption key contained in 
the header for decrypting the document allows the key to be transmitted safely. Also, 
the dummy data provides random data to include that will make the length of the data 
fields the same size; this aids in the encryption process (see col. 8, line 51 through col. 
9, line 7 of Follendore, III). 

Regarding claims 2, 16, and 32 , the combination of Carter in view of Follendore, 
Ill/Person teaches wherein the encrypted header includes an encryption marker 
comprising a random number sequence followed by a derivable variation of the same 
random number sequence, wherein a valid decryption of the encryption marker 
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indicates that the document encryption key has been found (see fig. 2, ref. num 230, 
232, and 234 Follendore, III). 

Regarding claims 3 and 17 . the combination of Carter in view of Follendore. 
Ill/Person teaches wherein the electronic document comprises content information that 

is formatted"based"on an object-language having asetof formatting rules -(see-coL-8; — 

lines 17-26 of Carter). 

Regarding claims 4 and 18 . the combination of Carter in view of Follendore. 
Ill/Person teaches wherein the user interface device comprises a second electronic 
document (see col. 5, lines 34-39 of Follendore, III). 

Regarding claims 5 and 19 . the combination of Carter in view of Follendore. 
Ill/Person teaches wherein the information pertaining to the electronic document 
comprises a user permission table for access to all or portions of the electronic 
document and wherein only those permitted portions of the electronic document are 
decrypted (see col. 8, lines 51-59 of Carter). 

Regarding claims 6 and 20 . the combination of Carter in view of Follendore. 
Ill/Person teaches wherein the encrypted header and the encrypted electronic 
document are encrypted using different encryption keys and wherein the multi-key 
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encryption table includes at least one multi-key component for each encryption key (see 
fig. 4, ref. num 428, 430, 432, and 434 of Follendore, III). 

Regarding claims 7 and 21 . the combination of Carter in view of Follendore. 
Ill/Person teaches wherein the encrypted header further comprises a fingerprint for 

~ "identifying some predefined aspect of the electronic document (see fig. 2 r ref r num 230, 

232, and 234 of Follendore, III). 

Regarding claims 8 and 22 . the combination of Carter in view of Follendore. 
Ill/Person teaches wherein the electronic document comprises a plurality of individual 
electronic documents and the encrypted header comprises information pertaining to 
each of the individual electronic documents (see col. 9, lines 44-49 of Carter). 

Regarding claims 9 and 23 . the combination of Carter in view of Follendore. 
Ill/Person teaches wherein the information pertaining to the electronic document 
comprises a user permission table setting forth access to all or portions of each of the 
individual electronic documents and wherein only those permitted portions of the 
authorized electronic document are decrypted (see col. 8, lines 51-59 of Carter). 



Regarding claims 10 and 24 . the combination of Carter in view of Follendore, 
Ill/Person teaches wherein the content information is selected from the group consisting 
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of text, graphics, equations, tables, spreadsheets, pictures, video files, audio files, 
multimedia files and binary data of unknown format (see col. 8, lines 17-26 of Carter). 

Regarding claims 1 1 and 25 , the combination of Carter in view of Follendore. 
Ill/Person teaches wherein the object language comprises Adobe Acrobat (see col. 8, 
lines 17^26 of Carter). - 

Regarding claims 12 and 26 , the combination of Carter in view of Follendore, 
Ill/Person teaches wherein the object language comprises a language which interprets 
Microsoft Word documents (see col. 8, lines 17-26 of Carter). 

Regarding claims 13 and 27 , the combination of Carter in view of Follendore, 
Ill/Person teaches wherein the encrypted header includes an encryption marker 
comprising a random number sequence followed by a derivable variation of the same 
random number sequence, wherein a valid decryption of the encryption marker 
indicates the header encryption key has been found (see fig. 2, ref. num 230, 232, and 
234 Follendore, II!); and wherein the encrypted electronic document includes an 
encryption marker comprising a random number sequence followed by a derivable 
variation of the same random number sequence, wherein a valid decryption of the 
encryption marker indicates the document encryption key has been found (see fig. 2, 
ref. num 234, 236, and 238 of Follendore, III). 
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Regarding claims 14, 28, and 33 . the combination of Carter in view of Follendore. 
Ill/Person teaches wherein the electronic document includes a document ID and 
wherein the document encryption key includes a combination of the document ID, the 
user information and the multi-key components, for each authorized user (see fig. 4, ref. 
num 92 and 96 and col. 13, line 63 through col. 14, line 5 of Carter). 



Regarding claim 29 . the combination of Carter in view of Follendore. Ill/Person 
teaches wherein the electronic document comprises a first electronic document and an 
annotation associated therewith, wherein the annotation is encrypted using an 
encryption key associated with a user generating the annotation (see fig. 10, ref. num 
176, 180 and 182 and col. 20, lines 51-65 of Carter); and wherein the encrypted header 
includes information pertaining to the first electronic document and the annotation (see 
col. 9, lines 56-61 of Follendore, III). 

Regarding claim 30 . the combination of Carter in view of Follendore. Ill/Person 
teaches wherein the multi-key encryption table is located remote from the user interface 
device (see col. 8, lines 27-39 of Carter). 

Regarding claim 35 . Carter teaches a method for creating a document with 
secure annotations, comprising: 

• Providing an electronic document, wherein access to the electronic document is 
available to a first set of users (fig. 4, ref. num 54,90); 
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• Generating a plurality of annotations pertaining to the electronic document using 
the document language (fig. 10, ref. num 176); 

• Encrypting each annotation using an annotation encryption key associated with a 
user generating the particular annotation, wherein access to an encrypted 
annotation is available to users having access to the respective annotation 

encryption key (fig, 1 0rref7numT80 and 182 and'colT 20rlines 51-65); 

For each annotation encryption key: 

• Generating a multi-key encryption table for use in a multi-key encryption 
method, the table comprising at least one multi-key component (fig. 6, ref. 
num 114, 116, and 118 and col. 13, line 18 through col. 14, line 22); 

• Providing a user interface for enabling a user to input a user authorization 
for access to at least a portion of an encrypted annotation (fig. 9, ref. num 
152 and col. 16, lines 16-29); 

• Combining the user authorization with each of the stored multi-key 
components in the multi-key encryption key table to decrypt the 
annotation, wherein valid decryption of the annotation indicates the correct 
annotation encryption key has been found (fig. 1 1 , ref. num 1 92); and 

• Access to the encrypted electronic document is available to the first set of users 
and access to the encrypted annotations in the separate file is provided only to 
users having the required encryption keys (fig. 11, ref. num 192). 
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Carter does not teach concatenating the plurality of encrypted annotations in a 
second electronic document, and merging the second electronic document and the 
encrypted electronic document into a third electronic document. 

Follendore. Ill teaches concatenating the plurality of encrypted annotations in a 

seconcl"erectronic document (fig: 2, ref.num 224),and merging the second electronic 

document and the encrypted electronic document into a third electronic 
document (fig. 2, ref. num 222 and 224 contained within 218). 

It would have been obvious to one of ordinary skill in the art, at the time the 
invention was made, to combine concatenating the annotations in a second document 
and merging the second electronic document and the encrypted electronic document 
into a third electronic document, as taught bv Follendore, III with the method/system of 
Carter . It would have been obvious for such modifications because the annotations can 
become many for only one file. By combining the annotations into their own electronic 
document, they can be handled on their own with their own keys separate from the 
electronic document. 

Regarding claim 37 , the combination of Carter in view of Follendore, III teaches 
further comprising the step of: 

• Encrypting the first electronic document using a document encryption key, 
wherein access to the encrypted electronic document is provided only to users 
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having the required encryption key (see fig. 6, ref. num 112 and col. 13, lines 4- 
17 of Carter); 

• Generating a multi-key encryption table for us in a multi-key encryption 
method, the table comprising at least one multi-key component (see fig. 6, 
ref. num 114, 116, and 118 and col. 13, line 18 through col. 14, line 22 of Carter); 

• Generating an encrypted header comprising information pertaining to the 

electronic document (see fig. 2, ref. num 224 of Follendore, III); 

• Providing a user interface for enabling a user to input a user authorization 
for access to at least a portion of the encrypted document (see fig. 9, ref. 
num 152 and col. 16, lines 16-29 of Carter); 

• Combining the user authorization with each of the stored multi-key 
components in the multi-key encryption key table to decrypt the encrypted 
header, wherein valid decryption of the encryption header indicates the 
document encryption key has been found (see fig. 9, ref. num 160 and 162 
and col. 16, line 60 through col. 17, line 26 of Carter, and see fig. 2, ref. num 242 
of Follendore, III). 

Regarding claim 38 . the combination of Carter in view of Follendore. Ill teaches 
further comprising adding an unencrypted header identifying the generating user to 
each encrypted annotation (see fig. 2, ref. num 220 of Follendore, III). 
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Regarding claim 41 . the combination of Carter in view of Follendore. Ill teaches 
wherein the encrypted header includes an encryption marker comprising a random 
number sequence followed by a derivable variation of the same random number 
sequence, wherein a valid decryption of the encryption marker indicates the annotation 
encryption key has been found (see fig. 2, ref. num 230, 232, and 234 Follendore, III). 



Regarding claim 42 . the combination of Carter in view of Follendore. Ill teaches 
wherein the separate file and the electronic document are stored in different locations 
(see col. 9, lines 37-43 of Follendore, III). 

Response to Arguments 

5. Applicant amends claims 1 , 1 1 , 1 2, 1 5, 25, 26, 31 , 35, 37, and 41 . 

6. Applicant argues: 

a. Carter does not teach generating a multi-key encryption table comprising 
at least one multi-key component and a plurality of dummy encryption 
components, wherein the multi-key encryption key table includes no information 
that may identify a user or the electronic document (page 13, second paragraph). 

b. Carter does not teach combining the user authorization with each of the 
stored multi-key components in the multi-key encryption table to decrypt the 
encrypted header (page 13, third paragraph). 

c. The dependent claims are allowable based on their dependency on the 
independent claims (page 14, second paragraph). 
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Regarding argument (a), examiner disagrees with applicant. These limitations 
were newly added; therefore, a new ground of rejection is allowable while still 
maintaining a final rejection. 

Regarding argument (b), examiner disagrees with applicant. Carter teaches that 

the supplied password isxombined with each member oHhe work group-document-until 

a successful result is found. If at the end of the list there are no results found, it is 
determined that the member does not belong to the work group document (see col. 16, 
lines 51-59 of Carter). This shows that the user authorization is combined with each of 
the stored multi-key components in the multi-key encryption table to decrypt the 
encrypted header, as claimed by applicant. Accordingly, the independent claims stand 
as rejected. 

Regarding argument (c), examiner disagrees with applicant. Based on the 
arguments set forth by argument (a) and (b), the dependent claims stand as rejected. 

Conclusion 

7. Applicant's amendment necessitated the new ground(s) of rejection presented in 
this Office action. Accordingly, THIS ACTION IS MADE FINAL. See MPEP 
§ 706.07(a). Applicant is reminded of the extension of time policy as set forth in 37 
CFR 1.136(a). 

A shortened statutory period for reply to this final action is set to expire THREE 
MONTHS from the mailing date of this action. In the event a first reply is filed within 
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TWO MONTHS of the mailing date of this final action and the advisory action is not 
mailed until after the end of the THREE-MONTH shortened statutory period, then the 
shortened statutory period will expire on the date the advisory action is mailed, and any 
extension fee pursuant to 37 CFR 1 .136(a) will be calculated from the mailing date of 
the advisory action. In no event, however, will the statutory period for reply expire later 



_ _ than SIX MONTHS from the date of this final action. 



Any inquiry concerning this communication or earlier communications from the 
examiner should be directed to Brandon S Hoffman whose telephone number is 571- 
272-3863. The examiner can normally be reached on M-F 8:30 - 5:00. 

If attempts to reach the examiner by telephone are unsuccessful, the examiner's 
supervisor, Ayaz Sheikh can be reached on 571-272-3795. The fax phone number for 
the organization where this application or proceeding is assigned is 703-872-9306. 

Information regarding the status of an application may be obtained from the 
Patent Application Information Retrieval (PAIR) system. Status information for 
published applications may be obtained from either Private PAIR or Public PAIR. 
Status information for unpublished applications is available through Private PAIR only. 
For more information about the PAIR system, see http://pair-direct.uspto.gov. Should 
you have questions on access to the Private PAIR system, contact the Electronic 
Business Center (EBC) at 866-217-9197 (toll-free). / 
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